diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2008-06-20 11:15:54 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2008-06-20 11:15:54 +0000 |
| commit | da97f78ae0e3ab2cbcf76503c4a159da761d0f57 (patch) | |
| tree | 9a10edff08e1abc399f9ba2990ca35c0cf70f904 | |
| parent | 2e1a9da5e2ab29b4e7024395a09ab254f6b8d913 (diff) | |
- Phil Pellouchoud found a case where libcurl built with NSS failed to
handshake with a SSLv2 server, and it turned out to be because it didn't
recognize the cipher named "rc4-md5". In our list that cipher was named
plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported
that it made things work for him again.
| -rw-r--r-- | CHANGES | 6 | ||||
| -rw-r--r-- | RELEASE-NOTES | 4 | ||||
| -rw-r--r-- | lib/nss.c | 1 |
3 files changed, 10 insertions, 1 deletions
@@ -7,6 +7,12 @@ Changelog Daniel Stenberg (20 Jun 2008) +- Phil Pellouchoud found a case where libcurl built with NSS failed to + handshake with a SSLv2 server, and it turned out to be because it didn't + recognize the cipher named "rc4-md5". In our list that cipher was named + plainly "rc4". I've now added rc4-md5 to work as an alias as Phil reported + that it made things work for him again. + - Hans-Jurgen May pointed out that trying SCP or SFTP over a SOCKS proxy crashed libcurl. This is now addressed by making sure we use "plain send" internally when doing the socks handshake instead of the Curl_write() diff --git a/RELEASE-NOTES b/RELEASE-NOTES index e48fdb53e..91f093441 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -23,6 +23,7 @@ This release includes the following bugfixes: o connection re-use when using the multi interface with pipelining enabled o curl_multi_socket() socket callback fix for close/re-create sockets case o SCP or SFTP over socks proxy crashed + o RC4-MD5 cipher now works with NSS-built libcurl This release includes the following known bugs: @@ -40,6 +41,7 @@ This release would not have looked like this without help, code, reports and advice from friends like these: Lenny Rachitsky, Axel Tillequin, Arnaud Ebalard, Yang Tse, Dan Fandrich, - Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jürgen May + Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jurgen May, + Phil Pellouchoud Thanks! (and sorry if I forgot to mention someone) @@ -104,6 +104,7 @@ enum sslversion { SSL2 = 1, SSL3 = 2, TLS = 4 }; static const cipher_s cipherlist[] = { /* SSL2 cipher suites */ {"rc4", SSL_EN_RC4_128_WITH_MD5, SSL2}, + {"rc4-md5", SSL_EN_RC4_128_WITH_MD5, SSL2}, {"rc4export", SSL_EN_RC4_128_EXPORT40_WITH_MD5, SSL2}, {"rc2", SSL_EN_RC2_128_CBC_WITH_MD5, SSL2}, {"rc2export", SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, SSL2}, |